<?php
function insert($db,$table,$data){
    //$cols=implode(",",array_keys($fields)); //insertassoc
	$table=mysql_real_escape_string($table);
	$clean=array();
	foreach(array_keys($data) as $col){
		$clean[mysql_real_escape_string($col)]=mysql_real_escape_string($data[$col]);
	}
	
	$cols=array_map('mysql_real_escape_string',array_keys($data));
	$values=implode(',:',$cols);
	$cols=implode(',',$cols);
	//$defs="insert into $table ($cols) values (:$values)";
	$defs="INSERT INTO `sitegeist`.`tess` (`id`, `name`) VALUES (NULL, 'hello');";
	
	//$defs="INSERT INTO `sitegeist`.`tess` (`id`, `name`) VALUES (NULL, 'hello');"
	
	//$defs='insert into '.$table.' ('.implode(',',array_keys($clean)).') values ('.implode(',',$clean).');';
	echo$defs;
	$q=$db->prepare($defs);
	echo'<br/>xxxxxxx';
	$q->execute();
	//$q->execute($clean);
}
?>